Users report they are unable to access a website from their CloudConnect Virtual Desktop. The user may be able to access the website from their local computer and/or other devices not connected to CloudConnect. Users either receive “The page cannot be displayed,” Web Site not Available,” “Malicious Web Site Blocked,” or “Warning! Accessing this Web Site is NOT Allowed.” In other circumstances only part of the web page will load.
CloudConnect utilizes various security technologies to prohibit users from accessing known malicious websites. There are two types of content filters, DNS based, and IP Address based. These messages, or inability to access certain websites actually indicates the Content Filtering is working properly, however in certain circumstances, CloudConnect could be blocking a harmless website and/or Internet IP Address. This Article will provide guidance to confirming the cause and requesting the content be marked as a false positive.
If the website or webpage only partially loads or does not load at all:
If the site's content partially loads or an error message is displayed similar to “The page cannot be displayed,” then it is likely the website or part of its content is hosted on a server utilizing a known malicious IP address or a server located in a Geographic location with a high incident of cybercrime (i.e. China, Russia, Ukraine, Latin America, etc.). If the page partially loads, you may need to "View Source," in order to determine the URLs of embedded content.
You can verify CloudConnect is blocking the IP address by first determining the IP address the website resolves to. You can use the following website to determine if CloudConnect considers this IP address to be malicious:
If the IP address is listed in any feed, then you will need to open a Ticket with CloudConnect Technical Support with the name of the website and Internet IP address you are attempting to access. CloudConnect will conduct an internal investigation to determine if a false positive exists, or if the IP address is of minimal risk. The decision of whether or not an exception may be made is strictly up to CloudConnect Technical Support.
If the website or webpage displays a Norton® DNS Warning:
“Warning! Access this Web Site is NOT Allowed” indicates the web site hosts pornographic content, the filtering of which is enabled by default, due to pornographic association with malware distribution. In this case, users will not be able to bypass the warning message and access the content.
“Malicious Web Site Blocked” indicates that the web site itself is of high security risk, and may be a known distributor of malware or hosting of other malicious content. Bypassing this warning is not recommended.
To alter content filtering within your Microsoft Windows Domain, change the DNS Forwarders to suit your specific organization’s needs.To do this, access your domain controller and open the DNS management console.From the DNS console right click on the Server Node and choose “Properties,” then select the “Forwarders” tab:
The following Forwarder configurations are supported by CloudConnect:
188.8.131.52; 184.108.40.206 (Filter Cybercrime)
220.127.116.11; 18.104.22.168 (Filter Cybercrime & Pornography)
22.214.171.124; 126.96.36.199 (Filter Cybercrime, Pornography, & Mature Content)
It is imperative that both IP addresses are specified (for redundancy) based on the level of Content forwarding you choose.
CloudConnect blocks communication to and from approximately 7 million known malicious IP addresses, plus geographic locations where there is a high incidence of cybercrime. This program, known as ThreatSTOP has a low false positive rate and helps provide significant protection to end users from malware distribution, botnets, SPAM, and theft of information hosted on the CloudConnect desktop. For more information on ThreatSTOP, see www.threatstop.com. For more information on Norton® DNS see, https://dns.norton.com
Microsoft Windows Desktop and Server Operating Systems XP/2003 and later
Citrix XenApp 6.5